fix(desudo): manager->self sudo drops -> runAsManager (scoped-sudoers safe)
The scoped sudoers grants the manager (root) and (dockerinstall) but NOT (itself), so the many 'sudo -u $sudo_user_name <cmd>' calls (crontab, git/update, reinstall, swapfile, …) failed with 'a password is required' once per CLI command. runAsManager runs the command plainly when already the manager (the runtime case) and only sudo -u's when root (install time), so it's correct in both contexts and needs no sudoers self-grant. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
parent
4f2fd251fa
commit
6bb04533fa
@ -4,7 +4,7 @@ checkCrontabRequirement()
|
|||||||
{
|
{
|
||||||
if [[ $CFG_REQUIREMENT_CRONTAB == "true" ]]; then
|
if [[ $CFG_REQUIREMENT_CRONTAB == "true" ]]; then
|
||||||
### Crontab
|
### Crontab
|
||||||
if [[ "$ISCRON" != *"command not found"* ]] && sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -q "cron is set up for $sudo_user_name"; then
|
if [[ "$ISCRON" != *"command not found"* ]] && runAsManager crontab -l 2>/dev/null | grep -q "cron is set up for $sudo_user_name"; then
|
||||||
isSuccessful "Crontab is successfully set up."
|
isSuccessful "Crontab is successfully set up."
|
||||||
CRONTAB_SETUP="true"
|
CRONTAB_SETUP="true"
|
||||||
else
|
else
|
||||||
|
|||||||
@ -5,14 +5,14 @@
|
|||||||
# backup task per enabled app for the processor to drain serially.
|
# backup task per enabled app for the processor to drain serially.
|
||||||
crontabSetupBackupScheduler()
|
crontabSetupBackupScheduler()
|
||||||
{
|
{
|
||||||
local ISCRON=$( (sudo -u $sudo_user_name crontab -l) 2>/dev/null )
|
local ISCRON=$( (runAsManager crontab -l) 2>/dev/null )
|
||||||
|
|
||||||
if [[ "$ISCRON" == *"command not found"* ]]; then
|
if [[ "$ISCRON" == *"command not found"* ]]; then
|
||||||
isNotice "Crontab is not found. Unable to set up the backup scheduler."
|
isNotice "Crontab is not found. Unable to set up the backup scheduler."
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -q "cron is set up for $sudo_user_name"; then
|
if ! runAsManager crontab -l 2>/dev/null | grep -q "cron is set up for $sudo_user_name"; then
|
||||||
isNotice "Crontab is not set up, skipping backup scheduler until it's found."
|
isNotice "Crontab is not set up, skipping backup scheduler until it's found."
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
@ -22,8 +22,8 @@ crontabSetupBackupScheduler()
|
|||||||
|
|
||||||
# Drop any previous scheduler entry, then re-add the current one so a
|
# Drop any previous scheduler entry, then re-add the current one so a
|
||||||
# changed schedule (CFG_BACKUP_CRONTAB_APP) always takes effect.
|
# changed schedule (CFG_BACKUP_CRONTAB_APP) always takes effect.
|
||||||
local result=$(sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -v "$marker" | sudo -u $sudo_user_name crontab -)
|
local result=$(runAsManager crontab -l 2>/dev/null | grep -v "$marker" | runAsManager crontab -)
|
||||||
local result=$( (sudo -u $sudo_user_name crontab -l 2>/dev/null; echo "$scheduler_entry") | sudo -u $sudo_user_name crontab - )
|
local result=$( (runAsManager crontab -l 2>/dev/null; echo "$scheduler_entry") | runAsManager crontab - )
|
||||||
checkSuccess "Installing the daily backup scheduler entry"
|
checkSuccess "Installing the daily backup scheduler entry"
|
||||||
|
|
||||||
local schedule_time=$(echo "$CFG_BACKUP_CRONTAB_APP" | cut -d' ' -f2)
|
local schedule_time=$(echo "$CFG_BACKUP_CRONTAB_APP" | cut -d' ' -f2)
|
||||||
|
|||||||
@ -7,14 +7,14 @@ installCrontab()
|
|||||||
isHeader "Crontab Install"
|
isHeader "Crontab Install"
|
||||||
|
|
||||||
# Check to see if already installed
|
# Check to see if already installed
|
||||||
ISCRON=$( (sudo -u $sudo_user_name crontab -l) 2>&1 )
|
ISCRON=$( (runAsManager crontab -l) 2>&1 )
|
||||||
if [[ "$ISCRON" == *"command not found"* ]]; then
|
if [[ "$ISCRON" == *"command not found"* ]]; then
|
||||||
isNotice "Crontab is not installed, setting up now."
|
isNotice "Crontab is not installed, setting up now."
|
||||||
local result=$(runSystem apt update)
|
local result=$(runSystem apt update)
|
||||||
checkSuccess "Updating apt for post installation"
|
checkSuccess "Updating apt for post installation"
|
||||||
local result=$(runSystem apt install cron -y)
|
local result=$(runSystem apt install cron -y)
|
||||||
isSuccessful "Installing crontab application"
|
isSuccessful "Installing crontab application"
|
||||||
local result=$(sudo -u $sudo_user_name crontab -l)
|
local result=$(runAsManager crontab -l)
|
||||||
isSuccessful "Enabling crontab on the system"
|
isSuccessful "Enabling crontab on the system"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
@ -3,10 +3,10 @@
|
|||||||
crontabSetup()
|
crontabSetup()
|
||||||
{
|
{
|
||||||
local search_line="# cron is set up for $sudo_user_name"
|
local search_line="# cron is set up for $sudo_user_name"
|
||||||
local cron_output=$(sudo -u $sudo_user_name crontab -l 2>/dev/null)
|
local cron_output=$(runAsManager crontab -l 2>/dev/null)
|
||||||
|
|
||||||
if [[ ! $cron_output == *"$search_line"* ]]; then
|
if [[ ! $cron_output == *"$search_line"* ]]; then
|
||||||
local result=$( (sudo -u $sudo_user_name crontab -l 2>/dev/null; echo "# cron is set up for $sudo_user_name") | sudo -u $sudo_user_name crontab - 2>/dev/null )
|
local result=$( (runAsManager crontab -l 2>/dev/null; echo "# cron is set up for $sudo_user_name") | runAsManager crontab - 2>/dev/null )
|
||||||
checkSuccess "Setting up Crontab for $sudo_user_name user"
|
checkSuccess "Setting up Crontab for $sudo_user_name user"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
@ -5,11 +5,11 @@ crontabSetupSystemInfoUpdater()
|
|||||||
local cronEntry="* * * * * libreportal webui generate system >/dev/null 2>&1"
|
local cronEntry="* * * * * libreportal webui generate system >/dev/null 2>&1"
|
||||||
|
|
||||||
# Check if already in crontab
|
# Check if already in crontab
|
||||||
if sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -q "libreportal webui generate system"; then
|
if runAsManager crontab -l 2>/dev/null | grep -q "libreportal webui generate system"; then
|
||||||
isNotice "System info updater already in crontab"
|
isNotice "System info updater already in crontab"
|
||||||
else
|
else
|
||||||
# Add to crontab
|
# Add to crontab
|
||||||
(sudo -u $sudo_user_name crontab -l 2>/dev/null; echo "$cronEntry") | sudo -u $sudo_user_name crontab -
|
(runAsManager crontab -l 2>/dev/null; echo "$cronEntry") | runAsManager crontab -
|
||||||
isSuccessful "System info updater added to crontab (every 1 minute)."
|
isSuccessful "System info updater added to crontab (every 1 minute)."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|||||||
@ -16,11 +16,11 @@ crontabSetupCheckProcessor()
|
|||||||
local cronEntry="*/5 * * * * $task_check_script start_script"
|
local cronEntry="*/5 * * * * $task_check_script start_script"
|
||||||
|
|
||||||
# Check if already in crontab
|
# Check if already in crontab
|
||||||
if sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -q "crontab_check_processor.sh"; then
|
if runAsManager crontab -l 2>/dev/null | grep -q "crontab_check_processor.sh"; then
|
||||||
isNotice "Task process checker already in crontab"
|
isNotice "Task process checker already in crontab"
|
||||||
else
|
else
|
||||||
# Add to crontab
|
# Add to crontab
|
||||||
(sudo -u $sudo_user_name crontab -l 2>/dev/null; echo "$cronEntry") | sudo -u $sudo_user_name crontab -
|
(runAsManager crontab -l 2>/dev/null; echo "$cronEntry") | runAsManager crontab -
|
||||||
isSuccessful "Continuous task process checker added to crontab."
|
isSuccessful "Continuous task process checker added to crontab."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|||||||
@ -16,11 +16,11 @@ crontabSetupTaskProcessor()
|
|||||||
local cronEntry="* * * * * $task_processor_script start_script"
|
local cronEntry="* * * * * $task_processor_script start_script"
|
||||||
|
|
||||||
# Check if already in crontab
|
# Check if already in crontab
|
||||||
if sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -q "crontab_task_processor.sh"; then
|
if runAsManager crontab -l 2>/dev/null | grep -q "crontab_task_processor.sh"; then
|
||||||
isNotice "Task processor already in crontab"
|
isNotice "Task processor already in crontab"
|
||||||
else
|
else
|
||||||
# Add to crontab
|
# Add to crontab
|
||||||
(sudo -u $sudo_user_name crontab -l 2>/dev/null; echo "$cronEntry") | sudo -u $sudo_user_name crontab -
|
(runAsManager crontab -l 2>/dev/null; echo "$cronEntry") | runAsManager crontab -
|
||||||
isSuccessful "Continuous task processor added to crontab."
|
isSuccessful "Continuous task processor added to crontab."
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|||||||
@ -59,7 +59,7 @@ installDockerRootless()
|
|||||||
local result=$(echo "kernel.unprivileged_userns_clone=1" | sudo tee -a $sysctl > /dev/null)
|
local result=$(echo "kernel.unprivileged_userns_clone=1" | sudo tee -a $sysctl > /dev/null)
|
||||||
checkSuccess "Adding kernel.unprivileged_userns_clone=1 to $sysctl..."
|
checkSuccess "Adding kernel.unprivileged_userns_clone=1 to $sysctl..."
|
||||||
local result=$(runSystem sysctl --system)
|
local result=$(runSystem sysctl --system)
|
||||||
checkSuccess "Running sudo -u $sudo_user_name sysctl --system..."
|
checkSuccess "Running runAsManager sysctl --system..."
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
@ -17,7 +17,7 @@ runReinstall()
|
|||||||
gitCheckGitDetails;
|
gitCheckGitDetails;
|
||||||
|
|
||||||
# Reset git
|
# Reset git
|
||||||
local result=$(sudo -u $sudo_user_name rm -rf $script_dir)
|
local result=$(runAsManager rm -rf $script_dir)
|
||||||
checkSuccess "Deleting all Git files"
|
checkSuccess "Deleting all Git files"
|
||||||
local result=$(createFolders "loud" $sudo_user_name "$script_dir")
|
local result=$(createFolders "loud" $sudo_user_name "$script_dir")
|
||||||
checkSuccess "Create the directory if it doesn't exist"
|
checkSuccess "Create the directory if it doesn't exist"
|
||||||
@ -63,7 +63,7 @@ runReinstall()
|
|||||||
AUTH_HTTP_REPO_URL="http://${CFG_GIT_USER}:${CFG_GIT_KEY}@${CLEAN_GIT_URL}.git"
|
AUTH_HTTP_REPO_URL="http://${CFG_GIT_USER}:${CFG_GIT_KEY}@${CLEAN_GIT_URL}.git"
|
||||||
|
|
||||||
# Try HTTPS first
|
# Try HTTPS first
|
||||||
if sudo -u $sudo_user_name git clone -q "$AUTH_HTTPS_REPO_URL" "/docker/install" 2>/dev/null; then
|
if runAsManager git clone -q "$AUTH_HTTPS_REPO_URL" "/docker/install" 2>/dev/null; then
|
||||||
runSystem cp -f /docker/install/init.sh /root/
|
runSystem cp -f /docker/install/init.sh /root/
|
||||||
echo "SUCCESS: Git repository cloned via HTTPS into /docker/install."
|
echo "SUCCESS: Git repository cloned via HTTPS into /docker/install."
|
||||||
echo ""
|
echo ""
|
||||||
@ -71,7 +71,7 @@ runReinstall()
|
|||||||
echo ""
|
echo ""
|
||||||
else
|
else
|
||||||
# If HTTPS fails, try HTTP
|
# If HTTPS fails, try HTTP
|
||||||
if sudo -u $sudo_user_name git clone -q "$AUTH_HTTP_REPO_URL" "/docker/install" 2>/dev/null; then
|
if runAsManager git clone -q "$AUTH_HTTP_REPO_URL" "/docker/install" 2>/dev/null; then
|
||||||
runSystem cp -f /docker/install/init.sh /root/
|
runSystem cp -f /docker/install/init.sh /root/
|
||||||
echo "SUCCESS: Git repository cloned via HTTP into /docker/install."
|
echo "SUCCESS: Git repository cloned via HTTP into /docker/install."
|
||||||
echo ""
|
echo ""
|
||||||
|
|||||||
@ -24,7 +24,7 @@ crowdsecToggleLibrePortalLogMounts() {
|
|||||||
|
|
||||||
if runFileOp docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^libreportal-service$'; then
|
if runFileOp docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^libreportal-service$'; then
|
||||||
isNotice "Recreating libreportal so log mount toggle takes effect..."
|
isNotice "Recreating libreportal so log mount toggle takes effect..."
|
||||||
( cd /docker/containers/libreportal && sudo -u libreportal docker compose up -d >/dev/null 2>&1 ) || true
|
( cd /docker/containers/libreportal && runAsManager docker compose up -d >/dev/null 2>&1 ) || true
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -5,22 +5,22 @@ installSwapfile()
|
|||||||
if [[ "$CFG_REQUIREMENT_SWAPFILE" == "true" ]]; then
|
if [[ "$CFG_REQUIREMENT_SWAPFILE" == "true" ]]; then
|
||||||
if [ ! -f "$swap_file" ]; then
|
if [ ! -f "$swap_file" ]; then
|
||||||
isHeader "Increasing Swapfile"
|
isHeader "Increasing Swapfile"
|
||||||
ISSWAP=$( (sudo -u $sudo_user_name swapoff /swapfile) 2>&1 )
|
ISSWAP=$( (runAsManager swapoff /swapfile) 2>&1 )
|
||||||
if [[ "$ISSWAP" != *"No such file or directory"* ]]; then
|
if [[ "$ISSWAP" != *"No such file or directory"* ]]; then
|
||||||
local result=$(sudo -u $sudo_user_name swapoff /swapfile)
|
local result=$(runAsManager swapoff /swapfile)
|
||||||
isSuccessful "Turning off /swapfile (if needed)"
|
isSuccessful "Turning off /swapfile (if needed)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
local result=$(sudo -u $sudo_user_name fallocate -l $CFG_SWAPFILE_SIZE /swapfile)
|
local result=$(runAsManager fallocate -l $CFG_SWAPFILE_SIZE /swapfile)
|
||||||
checkSuccess "Allocating $CFG_SWAPFILE_SIZE to the /swapfile"
|
checkSuccess "Allocating $CFG_SWAPFILE_SIZE to the /swapfile"
|
||||||
|
|
||||||
local result=$(sudo chmod 0600 /swapfile)
|
local result=$(sudo chmod 0600 /swapfile)
|
||||||
checkSuccess "Adding permissions to the /swapfile"
|
checkSuccess "Adding permissions to the /swapfile"
|
||||||
|
|
||||||
local result=$(sudo -u $sudo_user_name mkswap /swapfile)
|
local result=$(runAsManager mkswap /swapfile)
|
||||||
checkSuccess "Swapping to the new /swapfile"
|
checkSuccess "Swapping to the new /swapfile"
|
||||||
|
|
||||||
local result=$(sudo -u $sudo_user_name swapon /swapfile)
|
local result=$(runAsManager swapon /swapfile)
|
||||||
checkSuccess "Enabling the new /swapfile"
|
checkSuccess "Enabling the new /swapfile"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|||||||
@ -32,7 +32,7 @@ gitPerformUpdate()
|
|||||||
local result=$(copyFolders "$backup_install_dir/$backupFolder/" "$docker_dir" "$sudo_user_name")
|
local result=$(copyFolders "$backup_install_dir/$backupFolder/" "$docker_dir" "$sudo_user_name")
|
||||||
checkSuccess "Copy the backed up folders back into the installation directory"
|
checkSuccess "Copy the backed up folders back into the installation directory"
|
||||||
|
|
||||||
local result=$(sudo -u $sudo_user_name zip -r "$backup_install_dir/$backupFolder.zip" "$backup_install_dir/$backupFolder")
|
local result=$(runAsManager zip -r "$backup_install_dir/$backupFolder.zip" "$backup_install_dir/$backupFolder")
|
||||||
checkSuccess "Zipping up the the backup folder for safe keeping"
|
checkSuccess "Zipping up the the backup folder for safe keeping"
|
||||||
|
|
||||||
gitCleanInstallBackups;
|
gitCleanInstallBackups;
|
||||||
|
|||||||
@ -44,16 +44,16 @@ webuiRunUpdate()
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
cd "$script_dir" || { isError "Cannot access the install directory ($script_dir)."; return 1; }
|
cd "$script_dir" || { isError "Cannot access the install directory ($script_dir)."; return 1; }
|
||||||
sudo -u "$sudo_user_name" git config core.fileMode false
|
runAsManager git config core.fileMode false
|
||||||
|
|
||||||
# Force a fresh fetch + status write so the decision below (and the badge)
|
# Force a fresh fetch + status write so the decision below (and the badge)
|
||||||
# reflect reality right now, not a stale throttled snapshot.
|
# reflect reality right now, not a stale throttled snapshot.
|
||||||
webuiSystemUpdateCheck "force"
|
webuiSystemUpdateCheck "force"
|
||||||
|
|
||||||
local branch behind
|
local branch behind
|
||||||
branch=$(sudo -u "$sudo_user_name" git -C "$script_dir" rev-parse --abbrev-ref HEAD 2>/dev/null)
|
branch=$(runAsManager git -C "$script_dir" rev-parse --abbrev-ref HEAD 2>/dev/null)
|
||||||
[[ -z "$branch" || "$branch" == "HEAD" ]] && branch="main"
|
[[ -z "$branch" || "$branch" == "HEAD" ]] && branch="main"
|
||||||
behind=$(sudo -u "$sudo_user_name" git -C "$script_dir" rev-list --count "HEAD..refs/remotes/origin/$branch" 2>/dev/null)
|
behind=$(runAsManager git -C "$script_dir" rev-list --count "HEAD..refs/remotes/origin/$branch" 2>/dev/null)
|
||||||
[[ -z "$behind" ]] && behind=0
|
[[ -z "$behind" ]] && behind=0
|
||||||
|
|
||||||
if [[ "$behind" -eq 0 ]]; then
|
if [[ "$behind" -eq 0 ]]; then
|
||||||
@ -128,10 +128,10 @@ checkUpdates()
|
|||||||
cd "$script_dir" || { isError " Cannot navigate to the repository directory"; exit 1; }
|
cd "$script_dir" || { isError " Cannot navigate to the repository directory"; exit 1; }
|
||||||
|
|
||||||
# Update Git to ignore changes in file permissions
|
# Update Git to ignore changes in file permissions
|
||||||
sudo -u $sudo_user_name git config core.fileMode false
|
runAsManager git config core.fileMode false
|
||||||
# Update Git with email address
|
# Update Git with email address
|
||||||
sudo -u $sudo_user_name git config --global user.name "$CFG_INSTALL_NAME"
|
runAsManager git config --global user.name "$CFG_INSTALL_NAME"
|
||||||
sudo -u $sudo_user_name git config --global user.email "noreply@${CFG_INSTALL_NAME,,}.libreportal.local"
|
runAsManager git config --global user.email "noreply@${CFG_INSTALL_NAME,,}.libreportal.local"
|
||||||
|
|
||||||
# Check if there are edited (modified) files
|
# Check if there are edited (modified) files
|
||||||
if git status --porcelain | grep -q "^ M"; then
|
if git status --porcelain | grep -q "^ M"; then
|
||||||
|
|||||||
@ -11,7 +11,7 @@ gitCheckForUpdate()
|
|||||||
while true; do
|
while true; do
|
||||||
gitCheckGitDetails;
|
gitCheckGitDetails;
|
||||||
# Test the credentials by trying to fetch
|
# Test the credentials by trying to fetch
|
||||||
if sudo -u $sudo_user_name git -c "credential.helper=" -c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" fetch > /dev/null 2>&1; then
|
if runAsManager git -c "credential.helper=" -c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" fetch > /dev/null 2>&1; then
|
||||||
isSuccessful "Git authentication successful"
|
isSuccessful "Git authentication successful"
|
||||||
break
|
break
|
||||||
else
|
else
|
||||||
@ -22,13 +22,13 @@ gitCheckForUpdate()
|
|||||||
|
|
||||||
# Proceed with the fetch using the credentials if they were provided
|
# Proceed with the fetch using the credentials if they were provided
|
||||||
if [[ $CFG_INSTALL_MODE == "git" ]]; then
|
if [[ $CFG_INSTALL_MODE == "git" ]]; then
|
||||||
sudo -u $sudo_user_name git -c "credential.helper=" -c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" fetch > /dev/null 2>&1
|
runAsManager git -c "credential.helper=" -c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" fetch > /dev/null 2>&1
|
||||||
else
|
else
|
||||||
sudo -u $sudo_user_name git fetch > /dev/null 2>&1
|
runAsManager git fetch > /dev/null 2>&1
|
||||||
fi
|
fi
|
||||||
if sudo -u $sudo_user_name git status | grep -q "Your branch is ahead"; then
|
if runAsManager git status | grep -q "Your branch is ahead"; then
|
||||||
isSuccessful "The repository is up to date...continuing..."
|
isSuccessful "The repository is up to date...continuing..."
|
||||||
elif sudo -u $sudo_user_name git status | grep -q "Your branch is up to date with"; then
|
elif runAsManager git status | grep -q "Your branch is up to date with"; then
|
||||||
isSuccessful "The repository is up to date...continuing..."
|
isSuccessful "The repository is up to date...continuing..."
|
||||||
else
|
else
|
||||||
isNotice "Updates found."
|
isNotice "Updates found."
|
||||||
|
|||||||
@ -15,7 +15,7 @@ gitReset()
|
|||||||
runInstallOp chown -R $sudo_user_name:$sudo_user_name "$script_dir"
|
runInstallOp chown -R $sudo_user_name:$sudo_user_name "$script_dir"
|
||||||
}
|
}
|
||||||
|
|
||||||
local result=$(sudo -u $sudo_user_name rm -rf $script_dir)
|
local result=$(runAsManager rm -rf $script_dir)
|
||||||
checkSuccess "Deleting all Git files"
|
checkSuccess "Deleting all Git files"
|
||||||
|
|
||||||
cd $docker_dir
|
cd $docker_dir
|
||||||
@ -30,11 +30,11 @@ gitReset()
|
|||||||
AUTH_HTTP_REPO_URL="http://${CFG_GIT_USER}:${CFG_GIT_KEY}@${CLEAN_GIT_URL}.git"
|
AUTH_HTTP_REPO_URL="http://${CFG_GIT_USER}:${CFG_GIT_KEY}@${CLEAN_GIT_URL}.git"
|
||||||
|
|
||||||
# Try HTTPS first
|
# Try HTTPS first
|
||||||
if sudo -u $sudo_user_name git clone -q "$AUTH_HTTPS_REPO_URL" "$script_dir" 2>/dev/null; then
|
if runAsManager git clone -q "$AUTH_HTTPS_REPO_URL" "$script_dir" 2>/dev/null; then
|
||||||
isSuccessful "Git repository cloned via HTTPS into '$script_dir'."
|
isSuccessful "Git repository cloned via HTTPS into '$script_dir'."
|
||||||
else
|
else
|
||||||
# If HTTPS fails, try HTTP
|
# If HTTPS fails, try HTTP
|
||||||
if sudo -u $sudo_user_name git clone -q "$AUTH_HTTP_REPO_URL" "$script_dir" 2>/dev/null; then
|
if runAsManager git clone -q "$AUTH_HTTP_REPO_URL" "$script_dir" 2>/dev/null; then
|
||||||
isSuccessful "Git repository cloned via HTTP into '$script_dir'."
|
isSuccessful "Git repository cloned via HTTP into '$script_dir'."
|
||||||
else
|
else
|
||||||
isError " Failed to clone repository via both HTTPS and HTTP."
|
isError " Failed to clone repository via both HTTPS and HTTP."
|
||||||
@ -42,11 +42,11 @@ gitReset()
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
elif [[ $CFG_INSTALL_MODE == "local" ]]; then
|
elif [[ $CFG_INSTALL_MODE == "local" ]]; then
|
||||||
if sudo -u $sudo_user_name git clone -q "https://${CLEAN_GIT_URL}.git" "$script_dir" 2>/dev/null; then
|
if runAsManager git clone -q "https://${CLEAN_GIT_URL}.git" "$script_dir" 2>/dev/null; then
|
||||||
isSuccessful "Git repository cloned via HTTPS into '$script_dir'."
|
isSuccessful "Git repository cloned via HTTPS into '$script_dir'."
|
||||||
else
|
else
|
||||||
# If HTTPS fails, try HTTP
|
# If HTTPS fails, try HTTP
|
||||||
if sudo -u $sudo_user_name git clone -q "http://${CLEAN_GIT_URL}.git" "$script_dir" 2>/dev/null; then
|
if runAsManager git clone -q "http://${CLEAN_GIT_URL}.git" "$script_dir" 2>/dev/null; then
|
||||||
isSuccessful "Git repository cloned via HTTP into '$script_dir'."
|
isSuccessful "Git repository cloned via HTTP into '$script_dir'."
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|||||||
@ -4,8 +4,8 @@ gitUntrackFiles()
|
|||||||
{
|
{
|
||||||
# Fixing the issue where the git does not use the .gitignore
|
# Fixing the issue where the git does not use the .gitignore
|
||||||
cd $script_dir
|
cd $script_dir
|
||||||
local result=$(sudo -u $sudo_user_name git config core.fileMode false)
|
local result=$(runAsManager git config core.fileMode false)
|
||||||
checkSuccess "Removing configs and logs from git for git changes"
|
checkSuccess "Removing configs and logs from git for git changes"
|
||||||
local result=$(sudo -u $sudo_user_name git commit -m "Stop tracking ignored files")
|
local result=$(runAsManager git commit -m "Stop tracking ignored files")
|
||||||
checkSuccess "Removing tracking ignored files"
|
checkSuccess "Removing tracking ignored files"
|
||||||
}
|
}
|
||||||
|
|||||||
@ -54,7 +54,7 @@ webuiSystemUpdateCheck() {
|
|||||||
current_version=$(tr -d ' \t\n\r' < "$repo_dir/VERSION")
|
current_version=$(tr -d ' \t\n\r' < "$repo_dir/VERSION")
|
||||||
fi
|
fi
|
||||||
if [[ -z "$current_version" ]]; then
|
if [[ -z "$current_version" ]]; then
|
||||||
current_version=$(sudo -u "$sudo_user_name" git -C "$repo_dir" describe --tags --abbrev=0 2>/dev/null)
|
current_version=$(runAsManager git -C "$repo_dir" describe --tags --abbrev=0 2>/dev/null)
|
||||||
fi
|
fi
|
||||||
[[ -z "$current_version" ]] && current_version="unknown"
|
[[ -z "$current_version" ]] && current_version="unknown"
|
||||||
|
|
||||||
@ -108,10 +108,10 @@ EOF
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
local branch
|
local branch
|
||||||
branch=$(sudo -u "$sudo_user_name" git -C "$repo_dir" rev-parse --abbrev-ref HEAD 2>/dev/null)
|
branch=$(runAsManager git -C "$repo_dir" rev-parse --abbrev-ref HEAD 2>/dev/null)
|
||||||
[[ -z "$branch" || "$branch" == "HEAD" ]] && branch="main"
|
[[ -z "$branch" || "$branch" == "HEAD" ]] && branch="main"
|
||||||
|
|
||||||
sudo -u "$sudo_user_name" git -C "$repo_dir" config core.fileMode false >/dev/null 2>&1
|
runAsManager git -C "$repo_dir" config core.fileMode false >/dev/null 2>&1
|
||||||
|
|
||||||
# Decide whether to hit the network this run.
|
# Decide whether to hit the network this run.
|
||||||
local do_fetch="false"
|
local do_fetch="false"
|
||||||
@ -128,20 +128,20 @@ EOF
|
|||||||
if [[ "$do_fetch" == "true" ]]; then
|
if [[ "$do_fetch" == "true" ]]; then
|
||||||
local _fetched="false"
|
local _fetched="false"
|
||||||
if [[ "$install_mode" == "git" && -n "$CFG_GIT_USER" && "$CFG_GIT_USER" != "empty" && "$CFG_GIT_USER" != "changeme" ]]; then
|
if [[ "$install_mode" == "git" && -n "$CFG_GIT_USER" && "$CFG_GIT_USER" != "empty" && "$CFG_GIT_USER" != "changeme" ]]; then
|
||||||
if sudo -u "$sudo_user_name" git -C "$repo_dir" \
|
if runAsManager git -C "$repo_dir" \
|
||||||
-c "credential.helper=" \
|
-c "credential.helper=" \
|
||||||
-c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" \
|
-c "credential.helper=!f() { echo username=$CFG_GIT_USER; echo password=$CFG_GIT_KEY; }; f" \
|
||||||
fetch --quiet origin "$branch" >/dev/null 2>&1; then
|
fetch --quiet origin "$branch" >/dev/null 2>&1; then
|
||||||
_fetched="true"
|
_fetched="true"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if sudo -u "$sudo_user_name" git -C "$repo_dir" fetch --quiet origin "$branch" >/dev/null 2>&1; then
|
if runAsManager git -C "$repo_dir" fetch --quiet origin "$branch" >/dev/null 2>&1; then
|
||||||
_fetched="true"
|
_fetched="true"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "$_fetched" == "true" ]]; then
|
if [[ "$_fetched" == "true" ]]; then
|
||||||
sudo -u "$sudo_user_name" touch "$stamp_file" 2>/dev/null || touch "$stamp_file" 2>/dev/null
|
runAsManager touch "$stamp_file" 2>/dev/null || touch "$stamp_file" 2>/dev/null
|
||||||
else
|
else
|
||||||
fetch_error="Could not reach the update server."
|
fetch_error="Could not reach the update server."
|
||||||
fi
|
fi
|
||||||
@ -149,16 +149,16 @@ EOF
|
|||||||
|
|
||||||
# Compare local HEAD against the (possibly just-fetched) remote ref.
|
# Compare local HEAD against the (possibly just-fetched) remote ref.
|
||||||
local current_commit latest_commit behind ahead latest_version
|
local current_commit latest_commit behind ahead latest_version
|
||||||
current_commit=$(sudo -u "$sudo_user_name" git -C "$repo_dir" rev-parse --short HEAD 2>/dev/null)
|
current_commit=$(runAsManager git -C "$repo_dir" rev-parse --short HEAD 2>/dev/null)
|
||||||
latest_commit=$(sudo -u "$sudo_user_name" git -C "$repo_dir" rev-parse --short "refs/remotes/origin/$branch" 2>/dev/null)
|
latest_commit=$(runAsManager git -C "$repo_dir" rev-parse --short "refs/remotes/origin/$branch" 2>/dev/null)
|
||||||
behind=$(sudo -u "$sudo_user_name" git -C "$repo_dir" rev-list --count "HEAD..refs/remotes/origin/$branch" 2>/dev/null)
|
behind=$(runAsManager git -C "$repo_dir" rev-list --count "HEAD..refs/remotes/origin/$branch" 2>/dev/null)
|
||||||
ahead=$(sudo -u "$sudo_user_name" git -C "$repo_dir" rev-list --count "refs/remotes/origin/$branch..HEAD" 2>/dev/null)
|
ahead=$(runAsManager git -C "$repo_dir" rev-list --count "refs/remotes/origin/$branch..HEAD" 2>/dev/null)
|
||||||
[[ -z "$behind" ]] && behind=0
|
[[ -z "$behind" ]] && behind=0
|
||||||
[[ -z "$ahead" ]] && ahead=0
|
[[ -z "$ahead" ]] && ahead=0
|
||||||
[[ -z "$current_commit" ]] && current_commit="unknown"
|
[[ -z "$current_commit" ]] && current_commit="unknown"
|
||||||
[[ -z "$latest_commit" ]] && latest_commit="$current_commit"
|
[[ -z "$latest_commit" ]] && latest_commit="$current_commit"
|
||||||
|
|
||||||
latest_version=$(sudo -u "$sudo_user_name" git -C "$repo_dir" show "refs/remotes/origin/$branch:VERSION" 2>/dev/null | tr -d ' \t\n\r')
|
latest_version=$(runAsManager git -C "$repo_dir" show "refs/remotes/origin/$branch:VERSION" 2>/dev/null | tr -d ' \t\n\r')
|
||||||
[[ -z "$latest_version" ]] && latest_version="$current_version"
|
[[ -z "$latest_version" ]] && latest_version="$current_version"
|
||||||
|
|
||||||
local update_available="false"
|
local update_available="false"
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user